From: nelson@media.mit.edu (Nelson Minar)
Date: Fri, 6 Jun 1997 02:55:47 +0800
To: "Phillip M. Hallam-Baker" <hallam@ai.mit.edu>
Subject: Re: Password pirates plunder XXX sites, from The Netly News
In-Reply-To: <199706051708.NAA09369@life.ai.mit.edu>
Message-ID: <199706051836.OAA01401@pinotnoir.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain



[about people stealing passwords to porn sites]
>>Although you can never completely eliminate it, technological fixes
>>to do velocity checking, source IP address profiling, etc., seem so
>>obvious I just don't see how this can be any sort of insurmountable
>>problem...

Maybe so, maybe not.

>I think the problem is that a large number of the people who run porn
>sites are neither technically sophisticated nor well funded.

That profile's not exactly accurate. Some of the folks running porn
sites are very sophisticated. More to the point, I don't know of *any*
site that does the sort of protection proposed above. I don't think
it's an easy thing to do. An enterprising person could probably turn
quite a few bucks selling that sort of system.

But do the porn sites want it? The stolen passwords might partly serve
as free advertisement. The situation might be similar to (some kinds
of) pirated software. The stolen version acts as a teaser but
(hopefully) the consumer will eventually pay himself in order to have
more convenient access.